Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
v.26.4.2314

Missing Update

This page lists 23101 vulnerabilities in this category.

Critical: 1474 High: 12458 Medium: 8395 Low: 770 Information: 4
Vulnerability Name
CVE
CWE
Severity
MediaWiki CVE-2022-28209 Vulnerability (CVE-2022-28209)
CVE-2022-28209
-
Critical
Magento Insufficient Session Expiration Vulnerability (CVE-2019-8149)
CVE-2019-8149
CWE-613
Critical
Django Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-28346)
CVE-2022-28346
CWE-138
Critical
Oracle HTTP Server Exposure of Resource to Wrong Sphere Vulnerability (CVE-2022-25236)
CVE-2022-25236
CWE-668
Critical
PHP Use After Free Vulnerability (CVE-2019-9020)
CVE-2019-9020
CWE-416
Critical
Django Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-28347)
CVE-2022-28347
CWE-138
Critical
Envoy Proxy Use of Incorrectly-Resolved Name or Reference Vulnerability (CVE-2019-9901)
CVE-2019-9901
CWE-706
Critical
Apache HTTP Server CVE-2010-0425 Vulnerability (CVE-2010-0425)
CVE-2010-0425
-
Critical
Oracle Database Server CVE-2010-0071 Vulnerability (CVE-2010-0071)
CVE-2010-0071
-
Critical
Oracle HTTP Server Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') Vulnerability (CVE-2022-22720)
CVE-2022-22720
CWE-444
Critical
Apache HTTP Server Integer Overflow or Wraparound Vulnerability (CVE-2022-22721)
CVE-2022-22721
CWE-190
Critical
Oracle HTTP Server Integer Overflow or Wraparound Vulnerability (CVE-2022-22721)
CVE-2022-22721
CWE-190
Critical
Jetty Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2009-5047)
CVE-2009-5047
CWE-119
Critical
Spring Cloud Gateway Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression La Vulnerability (CVE-2022-22947)
CVE-2022-22947
CWE-138
Critical
WebLogic Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2022-22965)
CVE-2022-22965
CWE-94
Critical
LimeSurvey Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-9960)
CVE-2019-9960
CWE-22
Critical
Python Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2019-9948)
CVE-2019-9948
CWE-22
Critical
WebLogic Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-23305)
CVE-2022-23305
CWE-138
Critical
WebLogic Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-23457)
CVE-2022-23457
CWE-22
Critical
EspoCRM Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2014-7985)
CVE-2014-7985
CWE-22
Critical
Artifactory CVE-2019-9733 Vulnerability (CVE-2019-9733)
CVE-2019-9733
-
Critical
PHP Out-of-bounds Read Vulnerability (CVE-2019-9021)
CVE-2019-9021
CWE-125
Critical
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2019-9641)
CVE-2019-9641
CWE-119
Critical
Python CVE-2019-9636 Vulnerability (CVE-2019-9636)
CVE-2019-9636
-
Critical
Nexus Repository Manager Improper Authentication Vulnerability (CVE-2019-9629)
CVE-2019-9629
CWE-287
Critical
Joomla Improper Authentication Vulnerability (CVE-2022-23795)
CVE-2022-23795
CWE-287
Critical
Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-23797)
CVE-2022-23797
CWE-138
Critical
Joomla CVE-2022-23799 Vulnerability (CVE-2022-23799)
CVE-2022-23799
-
Critical
PHP Other Vulnerability (CVE-2009-4143)
CVE-2009-4143
-
Critical
Oracle HTTP Server Out-of-bounds Write Vulnerability (CVE-2022-23943)
CVE-2022-23943
CWE-787
Critical
Apache HTTP Server Out-of-bounds Write Vulnerability (CVE-2022-23943)
CVE-2022-23943
CWE-787
Critical
Pega Infinity Deserialization of Untrusted Data Vulnerability (CVE-2022-24082)
CVE-2022-24082
CWE-502
Critical
Pega Infinity Other Vulnerability (CVE-2022-24083)
CVE-2022-24083
-
Critical
Magento Improper Input Validation Vulnerability (CVE-2022-24086)
CVE-2022-24086
CWE-20
Critical
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2019-9025)
CVE-2019-9025
CWE-119
Critical
PHP Out-of-bounds Read Vulnerability (CVE-2019-9023)
CVE-2019-9023
CWE-125
Critical
Ruby on Rails Improper Authentication Vulnerability (CVE-2009-2422)
CVE-2009-2422
CWE-287
Critical
Apache HTTP Server Integer Overflow or Wraparound Vulnerability (CVE-2022-28615)
CVE-2022-28615
CWE-190
Critical
IBMHttpServer CVE-2010-0425 Vulnerability (CVE-2010-0425)
CVE-2010-0425
-
Critical
Drupal Improper Input Validation Vulnerability (CVE-2019-6339)
CVE-2019-6339
CWE-20
Critical
Django Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2022-34265)
CVE-2022-34265
CWE-138
Critical
Moodle Improper Input Validation Vulnerability (CVE-2022-35649)
CVE-2022-35649
CWE-20
Critical
Python Improper Neutralization of Special Elements used in a Command ('Command Injection') Vulnerability (CVE-2015-20107)
CVE-2015-20107
CWE-138
Critical
Joomla Deserialization of Untrusted Data Vulnerability (CVE-2019-7743)
CVE-2019-7743
CWE-502
Critical
WordPress CVE-2008-6767 Vulnerability (CVE-2008-6767)
CVE-2008-6767
-
Critical
Nexus Repository Manager CVE-2019-7238 Vulnerability (CVE-2019-7238)
CVE-2019-7238
-
Critical
Magento Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-7139)
CVE-2019-7139
CWE-138
Critical
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-36094)
CVE-2022-36094
CWE-707
Critical
phpMyAdmin Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-6798)
CVE-2019-6798
CWE-138
Critical
Drupal Configuration Vulnerability (CVE-2008-6171)
CVE-2008-6171
-
Critical
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-36096)
CVE-2022-36096
CWE-707
Critical
XWiki Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-36098)
CVE-2022-36098
CWE-707
Critical
Drupal Improper Input Validation Vulnerability (CVE-2019-6342)
CVE-2019-6342
CWE-20
Critical
PrestaShop CVE-2008-5791 Vulnerability (CVE-2008-5791)
CVE-2008-5791
-
Critical
Oracle Application Server CVE-2008-7233 Vulnerability (CVE-2008-7233)
CVE-2008-7233
-
Critical
Apache HTTP Server Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2022-36760)
CVE-2022-36760
-
Critical
Claroline Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2022-37159)
CVE-2022-37159
CWE-434
Critical
Frontaccounting Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-5720)
CVE-2019-5720
CWE-138
Critical
silverstripeCMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-5715)
CVE-2019-5715
CWE-138
Critical
Oracle HTTP Server Out-of-bounds Write Vulnerability (CVE-2019-5482)
CVE-2019-5482
CWE-787
Critical
PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2008-5557)
CVE-2008-5557
CWE-119
Critical
Ruby on Rails Improper Input Validation Vulnerability (CVE-2019-5420)
CVE-2019-5420
CWE-20
Critical
PHP Integer Overflow or Wraparound Vulnerability (CVE-2022-37454)
CVE-2022-37454
CWE-190
Critical
Python Integer Overflow or Wraparound Vulnerability (CVE-2022-37454)
CVE-2022-37454
CWE-190
Critical
Oracle Database Server CVE-2015-2629 Vulnerability (CVE-2015-2629)
CVE-2015-2629
-
Critical
Python Numeric Errors Vulnerability (CVE-2008-5031)
CVE-2008-5031
-
Critical
Skipper Server-Side Request Forgery (SSRF) Vulnerability (CVE-2022-38580)
CVE-2022-38580
CWE-918
Critical
WordPress Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2008-4796)
CVE-2008-4796
CWE-138
Critical
WordPress Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2008-4769)
CVE-2008-4769
CWE-22
Critical
Magento Incorrect Authorization Vulnerability (CVE-2022-34256)
CVE-2022-34256
CWE-863
Critical
phpMyAdmin Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-7251)
CVE-2008-7251
CWE-264
Critical
Grafana Missing Authentication for Critical Function Vulnerability (CVE-2022-28660)
CVE-2022-28660
CWE-306
Critical
MediaWiki Incorrect Authorization Vulnerability (CVE-2022-29906)
CVE-2022-29906
CWE-863
Critical
Ruby Double Free Vulnerability (CVE-2022-28738)
CVE-2022-28738
CWE-415
Critical
Magento CVE-2019-8144 Vulnerability (CVE-2019-8144)
CVE-2019-8144
-
Critical